virus logo FortiClient Vulnerability

OpenSSL CVE-2014-0198 Denial of Service Vulnerability

description-logoDescription

A flaw in the do_ssl3_write function can allow remote attackers tocause a denial of service via a NULL pointer dereference. This flawonly affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS isenabled, which is not the default and not common.OpenSSL 1.0.0 users should upgrade to 1.0.0m.OpenSSL 1.0.1 users should upgrade to 1.0.1h.This issue was reported in public. The fix was developed byMatt Caswell of the OpenSSL development team.

affected-products-logoAffected Applications

OpenSSL

CVE References

CVE-2014-0198

Other References

https://www.openssl.org/news/vulnerabilities.html
ID 39798
Created Jan 17, 2020
Description
Updated		 Dec 19, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor OpenSSL
Patch manual
Application OpenSSL